Effective Governance During SOA

Lifecycle - Theory and Practice

George Joukhadar1(&) and Fethi Rabhi2

1
School of Information Systems, Technology and Management,
University of New South Wales, Sydney, Australia
g.joukhadar@student.unsw.edu.au
2
School of Computer Science and Engineering,
University of New South Wales, Sydney, Australia
f.rabhi@unsw.edu.au

Abstract. This research provides a theoretical conceptualization of SOA

governance aspects that can be used to assess SOA governance practices and
provide guidance to improve them. The review of IT and SOA governance
shows that there are conflicting claims and inconsistency in the literature
concerning the role of SOA governance. Moreover, there is no empirical evi-
dence on the implications of the governance frameworks used for SOA and
how they are working in the most effective ways. As a result, there is confusion
in practice as the issues of SOA governance have not been successfully
addressed. Based on an extensive analysis of major governance frameworks, a
comprehensive list of key SOA governance aspects is proposed. This research
will focus on the assessment of the importance of SOA governance aspects by
finding the role of the governance framework during the different activities of
SOA lifecycle and outlining the discrepancies between theory and practice.

Keywords: Service-oriented  IT governance  SOA governance  SOA

governance model  Governance aspects  Governance processes  Service
lifecycle

1 Introduction

Service Oriented Architecture (SOA) governance has become a topic of high interest
for both academics and practitioners. While the academic literature is focusing on the
technical aspects associated of SOA [1, 2] and the major software vendors are putting
huge efforts to promote the growth of SOA adoption [1], there has been a lack of
empirical evidence about SOA governance and SOA governance models. CIOs are
recognizing the need to align business and IT in meaningful and measurable ways
[3, 4]. However, no common understanding of SOA governance exists [5]. This
research focuses on drawing the main aspects of SOA governance from previous work
and examines the role of these aspects in building effective SOA governance.
Section 2 of this paper provides a literature review on the major aspects of SOA
governance. Section 3 discusses the research approach, methodology and design used
to achieve the aims of this study while Sects. 4 and 5 address the preliminary results
and future work respectively.

J.G. Davis et al. (Eds.): ASSRI 2013, LNBIP 177, pp. 1528, 2014.
DOI: 10.1007/978-3-319-07950-9_2,  Springer International Publishing Switzerland 2014
16 G. Joukhadar and F. Rabhi

2 Literature Review
2.1 SOA Governance Standards
The difference between SOA and IT architectures is its emphasis on Information
Systems (IS) agility which enhances business agility [6]. Unlike other architectures,
the SOA paradigm creates an IT view from a business process perspective. It allows
these business processes to be constructed, analyzed, and modified much more
easily [7].
Researchers agree that organizations planning to broadly adopt SOA should start
with governance [813]. Organizations need to decide how to implement governance
over the SOA implementation in the organization. Technology adoption alone is not
enough to enable business or IT transformation [4] - for the fact that decisions made in
the information system affect and are affected by the impact that IT has on business
processes [14]. When organizations choose to treat integration as just another tech-
nology implementation, experiences show zero to minimal reuse, minimal improve-
ment in business responsiveness or flexibility, and higher IT costs over time [4].
Therefore, we see that SOA governance is extending out of IT and merging with
business considerations [15]. This comprehensive SOA governance will provide
additional strength to the overall information management policies, and aid in
maintaining the authenticity and integrity of the corporate information assets [16].
In order to address the existing challenges and successful SOA adoption, orga-
nizations need exact definition of processes and relationships, control mechanisms,
SOA metrics and enforcement of policies that are defined in an SOA governance
framework. The role of an SOA governance framework is defining the set of pro-
cesses, organization structures, policies, solutions and technologies that can help to
manage complex SOA deployment in an effective and efficient manner [17].

2.2 SOA Governance Framework Aspects

There is a general consensus in the literature that there are many different aspects of
SOA governance. These aspects vary across different authors and vendors. To identify
the existing SOA governance aspects, an extensive literature review on major IT and
SOA governance frameworks has been conducted.
Review of Major IT Governance Frameworks
The IT Infrastructure Library (ITIL) mainly deals with IT process definition [12]. It
supports implementation of processes related to delivery and support of IT and details
establishment and maintenance of service level agreements and operation level
agreements.
The basis of COBIT is that accountability of the IT systems is achieved by the use
of a set of audit control processes [18]. The framework provides a definition of IT
governance consisting of four domains and 34 processes. Each process contains a
number of IT governance maturity indicators, such as activities, documents, metrics,
and support for role and responsibility assignment. These 34 reference processes are
 Effective Governance During SOA Lifecycle 17

defined as control framework, more tightly aligned with the business objectives of the
organization than with operational issues [12, 19].
Val IT takes IT governance onto a higher level of abstraction by providing general
directions on how to manage IT from a business point of view. The high level of
abstraction is however also a limitation, as Val IT purely focuses on the interface
between IT and the business and lacks the support to represent e.g. the processes of an
IT organization [20]. Val IT takes on where COBIT ends, and the two frameworks
complement each other well [21].
While COBIT processes manage all IT related activities and Val IT best describes
how to progress and maximize the return on investment, the role of Risk IT is enhance
risk management. Risk IT was published in 2009 by ISACA [22]. It is the result of a
work group composed by industry experts and some academics of different nations,
coming from organizations such as IBM, PricewaterhouseCoopers, Risk Management
Insight, Swiss Life, and KPMG. Risk IT is a framework based on a set of guiding
principles for effective management of IT risk [22].
The COBIT 5 framework is the successor to the COBIT 4.1, with the Risk IT and
Val IT frameworks integrated as well. Where principles, policies, frameworks, cul-
ture, ethics and behaviour were mentioned in a few COBIT 4.1 processes, COBIT 5 is
based on a revised process reference model with a new governance domain and
several new and modified processes that now cover enterprise activities end-to-end,
i.e., business and IT function areas. COBIT 5 consolidates COBIT 4.1, Val IT and
Risk IT into one framework, and has been updated to align with current best practices,
e.g. ITIL [23].
Weill and Ross [24] have identified six interacting components for the effective
design of IT Governance in their framework. Their main focus lies in the use of IT
metrics and accountabilities to influence behaviour. The goal is to create target-
oriented incentives in order to evoke specific desirable behaviour. However, their
model does not cover SOA lifecycle [12].
SOA Governance Frameworks Proposed in the Research Literature
Numerous models for SOA Governance have been proposed so far. Most of them are
motivated by software providers that offer SOA business solutions and closely align
their SOA governance perspectives with their products [12]. They differ extensively in
scope and capability and many remain abstract. They emphasize on different aspects,
e.g., service lifecycle management or organizational change.
Bieberstein et al. [25] propose an SOA Governance Model in which they identify
six governance processes and three steps for launching the SOA governance model.
They found that SOA strategy and SOA objectives should be defined in such a way
that both the business and IT units have a clear understanding of such objectives.
Accordingly, policies defined by governance positions should form the basis for any
decision. Their model is made complete by a set of best practices.
Derler and Weinreich [26] propose a framework that deals mainly with services.
They looked at the governance issues from a technical side. They provided two main
tools: the Service Repository Console and the Service Browser. They stated that their
model is to support service reuse and service lifecycle activities.
18 G. Joukhadar and F. Rabhi

Kuang-Yu et al. [27] developed their own framework because they could not find
any suitable on the market that could meet their special requirements for Chunghwa
Telecom (CHT). The main functions of their system which they called Service Ori-
ented Bus (SOBUS) are: (1) Managing the applications and registrations of the ser-
vices on Enterprise Service Bus (ESB). (2) Managing and monitoring the web services
and messages services. (3) Analysis of services performance.
Varadan et al. [4] enlightened in their framework on the added benefits of an SOA
documented vision and how it can drive the scope towards an SOA governance. They
cited four governance processes that must be included in the framework: compliance,
vitality, exceptions and appeals and communication. They argued that the use of
Enterprise Service Bus is essential for SOA adoption and how using it with a registry
can increase business benefits.
Neimann et al. [12, 28] propose an SOA governance framework that consists of
two parts: the SOA Governance Control Cycle and the SOA Governance Operational
model. According to them, the first represents the overall steering process that controls
the operation of the SOA system and it consists of four phases: planning, design,
realization and operation. The operational model describes the activities and com-
petencies. They argued that the two parts interact with each other.
de Leusse et al. [29] propose an SOA governance framework based on require-
ments that underline the need for policy and process management, policy adminis-
tration, resource life-cycle management, resource adaptation, resource visibility and
resource contextualization. They made a distinction between the operational, data and
management models. In the operational model, they listed: business capability,
infrastructure capability, access control, identity management, message interceptor,
metadata repository, policy management, profile management and service registry. In
the Object model, they listed the policies and processes. In the management model,
they listed profile management, capability management and governance layer base.
Hojaji and Shirazi [17, 30, 31], developed an SOA governance framework based
on COBIT 4.1. Their framework consists of a set of service lifecycle processes
governed by governance processes. They stated that their framework contributes to
SOA governance needs by: promoting the alignment of business and IT, organizing
service lifecycle and governance processes, defining the management control objec-
tives, providing SOA reference architecture and infrastructure, and providing metrics
and maturity models to measure achievement of defined goals.
Vendor-Based SOA Governance Frameworks
The SOA governance approach proposed by Oracle consists of nine key areas of
interest, that are combined with a structured set of best practices. It is completed by
an SOA adaptation model which defines a cycle of six steps that supports continuous
improvement of the SOA [32].
Software AG [8] identifies maturity and governance levels. Their maturity model
is consisted of six levels and they also defined an SOA service lifecycle which
incorporates services, artifacts and roles. They provided a five-step SOA adaptation
plan and a set of best practices [28].
Before being acquired by Software AG in 2007, the SOA governance approach at
WebMethods consists of two parts: Architecture Governance and Service Lifecycle
 Effective Governance During SOA Lifecycle 19

Governance. The latter is divided into design-time, run-time and change-time Gov-
ernance. Architecture Governance deals with issues such as corporate technology
standards, the definition of an SOA topology and the determination of an SOA plat-
form strategy. Service Lifecycle Governance focuses on the regulation of design, etc.
of services through its respective policies and enforcement mechanisms [28, 33].
Authors at IBM - have defined SOA Governance as an extension of IT Governance
that focuses on the service lifecycle and composite applications [28]. The IBM SOA
Governance model comprises a service lifecycle and an SOA governance lifecycle,
both consist of four phases [3436]. They also advocated a best practice approach for
performing SOA governance called SOA Governance and Management Method
(SGMM). SGMM focuses on the three main aspects: people (including governance
organizational structures and the concept of a Center of Excellence), process (the
governance processes used to govern the SOA) and technology. The SGMM reference
model defines concepts in terms of principles, organizations roles and responsibilities,
infrastructure and tools, and governing and governed processes.
In conclusion there are many IT and SOA governance frameworks, either pro-
posed or vendor-based. The next section will show which aspects are recognized by
each of frameworks reviewed above.

2.3 Summary of SOA Governance Aspects

Based on an extensive analysis of governance frameworks described above, a com-
prehensive list of key SOA governance aspects is proposed. This paragraph will define
each of these aspects, set them up in a table to compare them against different
proposed frameworks, and discuss the research issues. The aspects could be classified
into the followings two categories:
SOA Business Aspects
SOA vision: This element shows to which degree implementing an SOA gover-
nance model can provide a clear SOA vision for the enterprise. Its role is to make
sure SOA is compliant with the governed processes.
SOA roadmap: Is one of the most important aspects of the framework; its major role
is in the Planning phase as well defining an SOA Strategy Plan process [17].
SOA maturity: Is a method of evaluating the organization that creates an under-
standing of the maturity level of SOA within the organization and its readiness to
ensure that framework is defined in an appropriate level for the organization [30].
Service lifecycle management: Is the key component of an SOA governance
framework [37]. It includes the processes to produce and manage services. It
comprises main processes to design, develop, deploy, manage and retire services
[30].
Service Portfolio Management: Is the main process of the service strategy involved
determinant control objectives and measurement metrics [17].
SOA Business capabilities: When implementing SOA organizations should be able
to realize business capabilities to gain increased visibility across the IT landscape.
20 G. Joukhadar and F. Rabhi

Governance processes: Includes the governance processes to manage service life-

cycle activities.
Organizational change management: Companies that build strong SOA governance
and change management capabilities in tandem with their SOA technology and
processes are poised to reap significant improvements in business agility and
speed to market [38].
SOA Governance Board (or Centre of Excellence - CoE): This is referred to the
board of people who govern SOA.
Open service market-place management: The governance framework should go
over geographical boundaries [12].

SOA Technical Aspects

Enterprise Service Bus (ESB): The Enterprise Service Bus role is to simplify the
integration of business components using a standards-based, service-oriented
architecture.
Service performance analysis: This includes the cost to build a new service, elapsed
time to build a new service, service utilization, cost to run the service, governance
costs and mainly Return on Investment (ROI).
Policy management: This is the role of the governance Board or (Centre of
Excellence). Policies should define clearly the role and responsibility of who will
manage, change, and use the service.
Best practices deployment: Organizations should use best practices and guidance
related to SOA and service management especially for determining control objec-
tives and measurement metrics [17].
SOA Governance Technology: Controls and policies should be introduced enforced
in the SOA service lifecycle [17].
Infrastructure capability: Organizations need to assure that their infrastructure is
ready to launch a service.
Process monitoring and evaluation: is being considered part of the governance
lifecycle and the service operation of the service lifecycle [17].
Service transparency control: Through the registration and discovery mechanism,
SOA should provide service location transparency, which allows clients not to
know about where a component or service is actually located.
Service security control: Organizations need to assure their services are secure
enough to use.

Table 1 classifies the SOA governance aspects and shows how these aspects are
addressed by the IT and SOA governance frameworks discussed previously.
In conclusion, there is no empirical evidence on the implications of the gover-
nance frameworks used for SOA and how these frameworks are actually working in
the most effective way. There is so much that is not known and not researched and
there are many claims made in the literature that are not substantiated by empirical
evidence. As a result there is confusion about the usage of SOA governance, and
hence the aspects of SOA governance have not been successfully addressed.
 Effective Governance During SOA Lifecycle 21

Table 1. SOA governance aspects

22 G. Joukhadar and F. Rabhi

2.4 The Research Problem

Numerous IT and SOA governance frameworks have been proposed. However, there
are no guidelines to adopt these frameworks and no evidence regarding their impli-
cations and their success rate. What emerges as a critical issue in any adoption of SOA
governance is not which governance framework to choose, but more importantly to
identify and focus on SOA particular aspects that need to be addressed irrespective of
the framework. This research therefore first examines a range of aspects of SOA
governance that are of key importance when an organization adopts an IT or SOA
governance framework, and then validates these aspects in the real world of SOA. What
are the key business and technical aspects of SOA governance that are critical for its
effective implementation remains an important research problem.
On the other side, there have been many SOA governance frameworks proposed.
Most of them are based on theories and they do not provide guidelines on how to be
applied by the organizations. There is a need to have a conceptual list of aspects to be
used to assess the effectiveness of SOA governance practices [12, 13, 16, 28, 39]. As it
is unclear what organizations are doing in practice, what is needed beyond the current
research is a study of the real-world adoption of SOA across the enterprise and the
aspects of SOA governance that aid such adoption. This is critical for a better
understanding of this popular architectural concept that is being rapidly adopted by
industry organizations [2]. Studies of the aspects of SOA governance are crucial as the
number of SOA implementations grows. Therefore, we need to know if IT and SOA
governance efforts are well integrated with overall corporate governance arrange-
ments in the organization; and how effective are IT and SOA governance arrange-
ments within the organization [25, 4042]. This proposed research could well provide
executives with some guidelines on how to practice effective governance (directing
and controlling of IT resources).

2.5 Research Aims

The paper aims to contribute to knowledge about effective implementation of SOA
governance in organizations that adopt either IT or SOA governance frameworks. It
provides a conceptual list of aspects to be verified in practice that contribute to
effective SOA governance. As a result the research will make the following contri-
bution to literature and practice. The contribution to literature will consist of the list of
aspects used to assess the effectiveness of SOA governance practices in selected
organizations. The focus will be on the assessment of the importance of these aspects
as listed in Table 1 and the identification of new aspects that have not been consid-
ered. Practically, this research will find out what organizations are doing in practice to
address SOA governance, it will investigate whether and how IT or SOA governance
frameworks are used and will also provide insights into the ways these frameworks are
being used by organizations in practice and what problems they face as a result.
Moreover, the list of SOA governance aspects will provide guidance for organizations
to improve SOA governance.
 Effective Governance During SOA Lifecycle 23

3 Problems, Research Approach, Methodology and Design

3.1 Problem Statement
We can conclude that frameworks have been created but most of them address the
technical aspects, others were satisfied with the abstract design guidelines and some
others focus on specific management aspects [3]. We dont know to which degree
SOA governance frameworks and processes have been adopted; there is also a gap in
the literature related to the experience in using SOA governance frameworks and
processes and how these models are related to SOA adoption. Therefore, the problem
to be addressed in this research paper is that of assessing the level of adoption of SOA
governance frameworks and processes in practice and to identify correlations between
the level of adoption of SOA governance framework and that of SOA in general.

3.2 Methodologies and Design

Since the research problem statement is concerned with determining a common
understanding of what SOA governance means in practice by highlighting the aspects
of SOA governance frameworks, and since the number of organizations that have
adopted SOA governance framework is likely to be small, this research uses an
interpretive qualitative research methodology based on interviews as a first phase and
in-depth field-study in the second phase, to address the research problem. Following a
long tradition in qualitative, interpretive research in IS, Goldkuhl [43] claims that
scientific knowledge should be based on the meanings and knowledge of the studied
actors and also co-constructed through inter-subjective meaning by the actors and
researchers making during the empirical study. Given that the focus of this study is the
practice of SOA governance in real-life contexts and that the aim is to find out
whether and how different SOA and IT governance frameworks are applied in practice
so as to create an understanding of the discrepancy between theory (how frameworks
should be applied) and the practice, an interpretive methodology is adopted involving
a particular research design, discussed next.
Phase I Interviewing Experts An Interpretive Study
The first phase involves conducting interviews with experts who have experience with
SOA governance in multiple companies and who participated in several SOA projects.
The role of the interviews is to acquire a broad view of SOA governance issues at the
time the study is done. The interviews will focus on the aspects of the governance
frameworks used in practice. The expected outcomes of these interviews are the
verification of relevant aspects of SOA governance found in the literature (as pre-
sented in Table 1) and the identification of new elements. The interviewees will be
selected and recruited through professional networks of SOA/IT governance experts.
The interviews will take the form of face-to-face personal interviews.
Phase II - In-Depth Field Study
The second phase a field research study will consist of an in-depth study of two
organizations. One that has been highly successful with SOA governance and another
24 G. Joukhadar and F. Rabhi

one that attempted and failed to implement SOA governance. The selection of two
cases will enable the identification and analysis of SOA governance aspects present in
both, and those present in one of them. By contrasting SOA governance effectiveness in
the two cases and the ways individual aspects are implemented will provide grounding
for the development of substantive theoretical claims regarding the importance and role
of SOA governance aspects. The aim is not to generalize empirically but to generalize
conceptually and provide an account of SOA governance aspects. This phase will allow
having direct, in-depth contact with organizational participants, particularly through
interviews and direct observations of activities. Data collection in this phase relies on
observing, listening to members, taking notes, getting involved sometimes, and running
field interviews.

3.3 Data Analysis

Data analysis will be conducted during and after each phase. The interview transcripts
in Phase I will be analyzed using Thematic analysis [44]. The empirical material
collected in Phase II including filed notes, interviews, and various documents will
be analyzed during the field work thus enabling raising new questions and directing
the study towards interesting emerging aspects. Analysis of texts in both phases will
proceed following Thematic analysis by first coding interesting ideas, topics, and
concepts and then organizing them into themes and identifying links among them.
Coding in Thematic analysis helps the researcher to build a systematic account of
what has been observed and recorded [44]. The thematic analysis will proceed in three
steps: The first step of data analysis will involve coding and categorizing the textual
data often called an open coding. The codes will be described and all related texts
compared and analyzed. As the codes take shape, looking for relationships between
these codes comes next. This is called axial coding. Axial coding allows certain codes
to be subsumed under broader headings and some abstract codes to be seen more
crucial than others. The last step is called theoretical coding (or selective coding). It
will involve the identification of the core category around the analysis focuses. It will
ideally identify the core code or codes allowing a central story to be developed.
Theoretical coding usually occurs later when major themes emerge; the core cate-
gories will be verified and revised after checking the data [44].

4 Preliminary Findings
4.1 Participants
This study is still at infancy stage. Three face-to-face interviews were conducted as
part of Phase I. The interviewees are selected and recruited through professional
networks of SOA/IT governance experts. Contacts were made in advance by email
and one page summary of the research was sent upon request. Each interview was
given one-hour. The interview questions were not given in advance. The participants
had a decision-making role in their organizations and their experience with SOA
governance varies from 7 to 25 years. They have worked with a minimum of two
 Effective Governance During SOA Lifecycle 25

organizations and on different SOA projects at different sectors: telecommunication,

government, information systems, IT Architecture, IT management, software services
and software products. The participants have occupied the roles of Systems Analyst,
Project Manager, Technical Architect, Enterprise Architect, and others. Table 2
summarizes the organizations profile and interviewees roles at their organizations.

Table 2. A snapshot of the organizations interviewed

Firm Industry sector Interviewee

1 Software services Project Manager
2 Government sector Enterprise Architect
3 Software products Systems Analyst

4.2 Results
A broad set of questions were asked regarding the participants background, their
experience with IT and SOA governance, the mechanisms used to select a governance
framework, the benefits realized from selecting that framework, the aspects consid-
ered in the framework, how the aspects were observed, and the lessons learned.
The interviews demonstrate the need to assess and validate the governance
aspects. During the interviews, the participants were asked to assess each of the
aspects listed in the literature review and to evaluate its importance: Not Very
Important, Important and Very Important (Table 3). The interview transcripts were
analyzed using Thematic Analysis as mentioned in Sect. 3.3. First, interesting ideas,
topics, and concepts were coded, and then organizing and grouping the coded con-
cepts into themes and broader categories and identifying links among them. Finally,
the themes were reviewed to identify similar patterns across the data from the three
organizations interviewed. All participants have used different SOA governance
frameworks at the organizations they have worked. None of them have used an IT
governance framework for an SOA project. The participants view to SOA was based
on their own experience. They all agreed that SOA needs a governance framework,
but more importantly was their view to the aspects to consider in the governance
framework. They selected their governance frameworks based on their organizations
needs. They either modified the framework selected to match with their organizational
requirements or built their own one.
As a preliminary analysis based on the three interviews, the most important
aspects were: organizational changes, Enterprise Service Bus, process monitoring and
evaluation, and service security. This is not to ignore the service performance analysis
and infrastructure capability. All three participants discussed in details the Enterprise
Service Bus as being critical to their organizations SOA governance framework. One
of the participants pointed to a new potential aspect - the interaction with web services
- and suggested that it could be as a new aspect rather than being included under
Enterprise Service Bus. The three interviewees conducted were used to adjust the
interview questions of Phase I in order to capture additional empirical data and try to
achieve the aims of this research.
26 G. Joukhadar and F. Rabhi

Table 3. * = Not Very Important, ** = Important, *** = Very Important

Interview 1

Interview 2

Interview 3

Interview 1

Interview 2

Interview 3
Business Aspects Technical Aspects
SOA Vision * * ** Enterprise Service Bus *** *** ***
SOA roadmap * * * Srv. performance analysis ** ** ***
Centre of Excellence ** ** * Policy management * * *
SOA Maturity * * * Best Practices deployment * * ***
Service lifecycle mngt * ** ** SOA Gov. Technology ** * *
SOA Business cap. * * * Infrastructure capability ** ** *
Governance processes ** * ** Process monitoring & eval. *** *** ***
Organizational changes ** *** *** Service transparency control * * **
Service Portfolio mngt * * * Service security ** *** ***
Open srv. market-place * ** ***

5 Conclusion and Future Work

Since the study is still under development and more interviews are to be conducted
soon, it is probably too early to comment further on the results. From what has been
done so far, we conclude that the literature covers enough about SOA governance and
SOA governance frameworks theoretically but there is a gap about the usage of these
frameworks by organizations and how the selection and implementation of a frame-
work affects SOA adoption. This research is seeking to complete Phase I by con-
ducting a total of twenty interviews. When Phase I is completed, two organizations
will be selected for Phase II: one organization that has been highly successful with
SOA governance and another one that attempted and failed to implement SOA gov-
ernance. Comparing and contrasting the results of the two phases will provide
grounding for the development of substantive theoretical claims regarding the
importance and role of SOA governance aspects.

References
1. Luthria, H., Rabhi, F.: Service-oriented computing in practice an agenda for research into
the factors influencing the organizational adoption of service oriented architectures.
J. Theor. Appl. Electron. Commer. Res. 4(1), 3956 (2009)
2. Beimborn, D., et al.: The role of IT/business alignment for achieving SOA business value -
proposing a research model. In: Americas Conference on Information Systems (AMCIS).
AIS Electronic Library (AISeL) (2009)
3. Mller, I., Han, J., Schneider, J.-G., Versteeg, S.: A conceptual framework for unified and
comprehensive SOA management. In: Feuerlicht, G., Lamersdorf, W. (eds.) ICSOC 2008.
LNCS, vol. 5472, pp. 2840. Springer, Heidelberg (2009)
 Effective Governance During SOA Lifecycle 27

4. Varadan, R., et al.: Increasing business flexibility and SOA adoption through effective SOA
governance. IBM Syst. J. 47(3), 473488 (2008)
5. Bernhardt, J., Seese, D.: A conceptual framework for the governance of service-oriented
architectures. In: Feuerlicht, G., Lamersdorf, W. (eds.) ICSOC 2008. LNCS, vol. 5472,
pp. 327338. Springer, Heidelberg (2009)
6. Choi, J., Nazareth, D.L., Jain, H.K.: Implementing service-oriented architecture in
organizations. J. Manage. Inf. Syst. 26(4), 253286 (2010)
7. Rabhi, F.A., et al.: A service-oriented architecture for financial business processes. Inf.
Syst. eBus. Manage. 5(2), 185200 (2007)
8. SoftwareAG.: Best practices for SOA governance user survey. www.softwareag.com/
Corporate/res/SOAGovernanceSurvey.asp (2008). Accessed 7 March 2011
9. Smith, F.O.: As SOA adoption solidifies, good governance is recognized as critical next
step. Manuf. Bus. Technol. 26(6), 4849 (2008)
10. Parachuri, D., Badveeti, N., Mallick, S.: Light weight SOA governance a case study. In:
IEEE Congress on Services - Part I (2008)
11. Lundquist, E.: The five next steps in service-oriented architectures. eWeek 26(19), 22
(2009)
12. Niemann, M., et al.: Challenges of governance approaches for service-oriented
architectures. In: 3rd IEEE International Conference on Digital Ecosystems and
Technologies 2009, DEST 09 (2009)
13. Hassanzadeh, A., Namdarian, L., Elahi, Sb: Developing a framework for evaluating service
oriented architecture governance (SOAG). Knowl.-Based Syst. 24(5), 716730 (2011)
14. High, J.R., Krishnan, G., Sanchez, M.: Creating and maintaining coherency in loosely
coupled systems. IBM Syst. J. 47(3), 357376 (2008)
15. Laurent, W.: A better era of SOA governance. DM Rev. 18(10), 29 (2008)
16. Larrivee, B.: SOA: no governance needed. Or is it? AIIM E-DOC 21(5), 2425 (2007)
17. Hojaji, F., Shirazi, M.R.A.: A comprehensive SOA governance framework based on
COBIT. In: 2010 6th World Congress on Services (SERVICES-1) (2010)
18. Jordan, E., Musson, D.: Corporate governance and IT governance: exploring the boards,
perspective (2004)
19. ITGI.: Control Objectives for Information and Relates Technology (CoBIT) 4.1. IT
Governance Institute (ITGI) (2007)
20. ITGI.: The Val IT Framework. IT Governance Institute (ITGI), Rolling Meadows, IL
(2007)
21. Simonsson, M., Johnson, P., Ekstedt, M.: The effect of IT governance maturity on IT
governance performance. Inf. Syst. Manage. 27(1), 1024 (2010)
22. The risk IT framework. ISACA 2009. www.isaca.org, 10 May 2011
23. COBIT 5 - A Business Framework For The Governance And Management of Enterprise IT.
ISACA 2012, 26 Apr 2012
24. Weill, P., Ross, J.W.: How Top Performers Manage IT Decision Rights for Superior
Results. Harvard Business School Press, Cambridge (2004)
25. Bieberstein, N., et al.: Service-Oriented Architecture (SOA) Compass: Business Value,
Planning, and Enterprise Roadmap. IBM developerWorks Series, 1st edn., 272 pp. IBM
Press, Indianapolis (2006)
26. Derler, P., Weinreich, R.: Models and tools for SOA governance. In: Draheim, D., Weber,
G. (eds.) TEAA 2006. LNCS, vol. 4473, pp. 112126. Springer, Heidelberg (2007)
27. Kuang-Yu, P., Shao-Chen, L., Ming-Tsung, C.: A study of design and implementation on
SOA governance: a service oriented monitoring and alarming perspective. In: IEEE
International Symposium on Service-Oriented System Engineering 2008, SOSE 08 (2008)
28 G. Joukhadar and F. Rabhi

28. Niemann, M., et al.: Towards a generic governance model for service-oriented
architectures. In: Americas Conference on Information Systems (AMCIS). AIS
Electronic Library, Toronto (2008)
29. de Leusse, P., Dimitrakos, T., Brossard, D.: A governance model for SOA. In: IEEE
International Conference on Web Services 2009. ICWS 2009 (2009)
30. Hojaji, F., Shirazi, M.R.A.: AUT SOA governance: a new SOA governance framework
based on COBIT. In: 2010 3rd IEEE International Conference on Computer Science and
Information Technology (ICCSIT) (2010)
31. Hojaji, F., Shirazi, M.R.A.: Developing a more comprehensive and expressive SOA
governance framework. In: 2010 the 2nd IEEE International Conference on Information
Management and Engineering (ICIME) (2010)
32. Afshar, M.: SOA governance: framework and best practices (2007). http://www.oracle.
com/us/technologies/soa/oracle-soa-governance-best-practice-066427.pdf, 25 Apr 2011
33. WebMethods. SOA governance - enabling sustainable success with SOA (2006). http://
www1.webmethods.com/PDF/whitepapers/SOA_Governance.pdf, Oct 2006March 2008
34. Woolf, B.: Introduction to SOA governance. developerWorks (2006). https://www.ibm.
com/developerworks/library/ar-servgov/, 25 July 2010
35. Brown, W., Moore, G., Tegan, W.: SOA governance IBMs approach (2006). ftp://ftp.
software.ibm.com/software/soa/pdf/SOA_Gov_Process_Overview.pdf. Aug 2006July
2008
36. Holley, K., Palistrant, J., Graham, S.: Effective SOA governance. On demand business
(2006). http://www-304.ibm.com/jct03001c/industries/global/files/educ_soa_gov_process_
overview.pdf
37. Zhang, Y., Xiang, G., Liu, W.: On airlines sustainable innovation driven by SOA
governance. In: 2009 International Conference on Information Management, Innovation
Management and Industrial Engineering (2009)
38. Poi, S., et al.: Enabling SOA through organizational change and governance - White paper,
Nov 2007
39. Falkl, J., et al.: IBM advantage for SOA governance standards. http://download.boulder.
ibm.com/ibmdl/pub/software/dw/webservices/ws-soagovernanceadv/
ws-soagovernanceadv-pdf.pdf, Aug 2009
40. Keen, M., et al.: Implementing Technology to Support SOA Governance and Management.
IBM Redbooks, Indianapolis (2007)
41. Bieberstein, N., et al.: Impact of service-oriented architecture on enterprise systems,
organizational structures, and individuals. IBM Syst. J. 44(4), 691708 (2005)
42. Josuttis, N.M.: SOA in Practice. OReilly, Sebastopol (2007)
43. Goldkuhl, G.: Pragmatism vs interpretivism in qualitative information systems research.
Eur. J. Inf. Syst. 21(2), 135146 (2012)
44. Ezzy, D.: Qualitative Analysis: Practice and Innovation. Allen & Unwin, Crows Nest
(2002)
http://www.springer.com/978-3-319-07949-3